@@ -32,6 +32,8 @@ static const char *auth_alg_name(odp_auth_alg_t auth)
return "ODP_AUTH_ALG_SHA1_HMAC";
case ODP_AUTH_ALG_SHA256_HMAC:
return "ODP_AUTH_ALG_SHA256_HMAC";
+ case ODP_AUTH_ALG_SHA512_HMAC:
+ return "ODP_AUTH_ALG_SHA512_HMAC";
case ODP_AUTH_ALG_AES_GCM:
return "ODP_AUTH_ALG_AES_GCM";
default:
@@ -137,6 +139,8 @@ static void alg_test(odp_crypto_op_t op,
if (auth_alg == ODP_AUTH_ALG_SHA256_HMAC &&
!(capa.auths.bit.sha256_hmac))
rc = -1;
+ if (auth_alg == ODP_AUTH_ALG_SHA512_HMAC &&
+ !(capa.auths.bit.sha512_hmac))
rc = -1;
CU_ASSERT(!rc);
@@ -1256,14 +1260,103 @@ static int check_alg_hmac_sha512(void)
return check_alg_support(ODP_CIPHER_ALG_NULL, ODP_AUTH_ALG_SHA512_HMAC);
}
+/* This test verifies the correctness of HMAC_SHA512 digest operation.
+ * The output check length is truncated to 32 bytes (256 bits) as
+ * returned by the crypto operation API call.
+ * Note that hash digest is a one-way operation.
+ * In addition the test verifies if the implementation can use the
+ * packet buffer as completion event buffer.
+ * */
void crypto_test_gen_alg_hmac_sha512(void)
{
- printf(" TEST NOT IMPLEMENTED YET ");
+ odp_crypto_key_t cipher_key = { .data = NULL, .length = 0 },
+ auth_key = { .data = NULL, .length = 0 };
+ odp_crypto_iv_t iv = { .data = NULL, .length = 0 };
+
+ unsigned int test_vec_num = (sizeof(hmac_sha512_reference_length) /
+ sizeof(hmac_sha512_reference_length[0]));
+
+ unsigned int i;
+
+ for (i = 0; i < test_vec_num; i++) {
+ auth_key.data = hmac_sha512_reference_key[i];
+ auth_key.length = sizeof(hmac_sha512_reference_key[i]);
+
+ if (!check_auth_options(ODP_AUTH_ALG_SHA512_HMAC,
+ auth_key.length,
+ HMAC_SHA512_256_CHECK_LEN))
+ continue;
+
+ alg_test(ODP_CRYPTO_OP_ENCODE,
+ 0,
+ ODP_CIPHER_ALG_NULL,
+ iv,
+ iv.data,
+ cipher_key,
+ ODP_AUTH_ALG_SHA512_HMAC,
+ auth_key,
+ NULL, NULL,
+ hmac_sha512_reference_plaintext[i],
+ hmac_sha512_reference_length[i],
+ NULL, 0,
+ hmac_sha512_reference_digest[i],
+ HMAC_SHA512_256_CHECK_LEN);
+ }
}
void crypto_test_check_alg_hmac_sha512(void)
{
- printf(" TEST NOT IMPLEMENTED YET ");
+ odp_crypto_key_t cipher_key = { .data = NULL, .length = 0 },
+ auth_key = { .data = NULL, .length = 0 };
+ odp_crypto_iv_t iv = { .data = NULL, .length = 0 };
+ uint8_t wrong_digest[HMAC_SHA512_DIGEST_LEN];
+
+ unsigned int test_vec_num = (sizeof(hmac_sha512_reference_length) /
+ sizeof(hmac_sha512_reference_length[0]));
+
+ unsigned int i;
+
+ memset(wrong_digest, 0xa5, sizeof(wrong_digest));
+
+ for (i = 0; i < test_vec_num; i++) {
+ auth_key.data = hmac_sha512_reference_key[i];
+ auth_key.length = sizeof(hmac_sha512_reference_key[i]);
+
+ if (!check_auth_options(ODP_AUTH_ALG_SHA512_HMAC,
+ auth_key.length,
+ HMAC_SHA512_256_CHECK_LEN))
+ continue;
+
+ alg_test(ODP_CRYPTO_OP_DECODE,
+ 0,
+ ODP_CIPHER_ALG_NULL,
+ iv,
+ iv.data,
+ cipher_key,
+ ODP_AUTH_ALG_SHA512_HMAC,
+ auth_key,
+ NULL, NULL,
+ hmac_sha512_reference_plaintext[i],
+ hmac_sha512_reference_length[i],
+ NULL, 0,
+ hmac_sha512_reference_digest[i],
+ HMAC_SHA512_256_CHECK_LEN);
+
+ alg_test(ODP_CRYPTO_OP_DECODE,
+ 1,
+ ODP_CIPHER_ALG_NULL,
+ iv,
+ iv.data,
+ cipher_key,
+ ODP_AUTH_ALG_SHA512_HMAC,
+ auth_key,
+ NULL, NULL,
+ hmac_sha512_reference_plaintext[i],
+ hmac_sha512_reference_length[i],
+ NULL, 0,
+ wrong_digest,
+ HMAC_SHA512_256_CHECK_LEN);
+ }
}
int crypto_suite_sync_init(void)
@@ -394,4 +394,54 @@ static uint8_t hmac_sha1_reference_digest[][HMAC_SHA1_DIGEST_LEN] = {
0x11, 0xcd, 0x91, 0xa3, 0x9a, 0xf4 },
};
+static uint8_t hmac_sha512_reference_key[][HMAC_SHA512_KEY_LEN] = {
+ { 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
+ 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
+ 0x0b, 0x0b, 0x0b, 0x0b },
+
+ /* "Jefe" */
+ { 0x4a, 0x65, 0x66, 0x65 },
+
+ { 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
+ 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
+ 0xaa, 0xaa, 0xaa, 0xaa }
+};
+
+static uint32_t hmac_sha512_reference_length[] = { 8, 28, 50 };
+
+static uint8_t
+hmac_sha512_reference_plaintext[][HMAC_SHA512_MAX_DATA_LEN] = {
+ /* "Hi There" */
+ { 0x48, 0x69, 0x20, 0x54, 0x68, 0x65, 0x72, 0x65},
+
+ /* what do ya want for nothing?*/
+ { 0x77, 0x68, 0x61, 0x74, 0x20, 0x64, 0x6f, 0x20,
+ 0x79, 0x61, 0x20, 0x77, 0x61, 0x6e, 0x74, 0x20,
+ 0x66, 0x6f, 0x72, 0x20, 0x6e, 0x6f, 0x74, 0x68,
+ 0x69, 0x6e, 0x67, 0x3f },
+
+ { 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
+ 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
+ 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
+ 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
+ 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd }
+};
+
+static uint8_t hmac_sha512_reference_digest[][HMAC_SHA512_DIGEST_LEN] = {
+ { 0x87, 0xaa, 0x7c, 0xde, 0xa5, 0xef, 0x61, 0x9d,
+ 0x4f, 0xf0, 0xb4, 0x24, 0x1a, 0x1d, 0x6c, 0xb0,
+ 0x23, 0x79, 0xf4, 0xe2, 0xce, 0x4e, 0xc2, 0x78,
+ 0x7a, 0xd0, 0xb3, 0x05, 0x45, 0xe1, 0x7c, 0xde },
+
+ { 0x16, 0x4b, 0x7a, 0x7b, 0xfc, 0xf8, 0x19, 0xe2,
+ 0xe3, 0x95, 0xfb, 0xe7, 0x3b, 0x56, 0xe0, 0xa3,
+ 0x87, 0xbd, 0x64, 0x22, 0x2e, 0x83, 0x1f, 0xd6,
+ 0x10, 0x27, 0x0c, 0xd7, 0xea, 0x25, 0x05, 0x54 },
+
+ { 0xfa, 0x73, 0xb0, 0x08, 0x9d, 0x56, 0xa2, 0x84,
+ 0xef, 0xb0, 0xf0, 0x75, 0x6c, 0x89, 0x0b, 0xe9,
+ 0xb1, 0xb5, 0xdb, 0xdd, 0x8e, 0xe8, 0x1a, 0x36,
+ 0x55, 0xf8, 0x3e, 0x33, 0xb2, 0x27, 0x9d, 0x39 }
+};
+
#endif
@@ -41,4 +41,10 @@
#define HMAC_SHA1_DIGEST_LEN 20
#define HMAC_SHA1_96_CHECK_LEN 12
+/* HMAC-SHA512 */
+#define HMAC_SHA512_KEY_LEN 64
+#define HMAC_SHA512_MAX_DATA_LEN 128
+#define HMAC_SHA512_DIGEST_LEN 64
+#define HMAC_SHA512_256_CHECK_LEN 32
+
#endif
Signed-off-by: Dmitry Eremin-Solenikov <dmitry.ereminsolenikov@linaro.org> --- .../validation/api/crypto/odp_crypto_test_inp.c | 97 +++++++++++++++++++++- .../validation/api/crypto/test_vectors.h | 50 +++++++++++ .../validation/api/crypto/test_vectors_len.h | 6 ++ 3 files changed, 151 insertions(+), 2 deletions(-) -- 2.11.0